Federal Compliance Specialist

Job DescriptionAssists and supports the organization in complying with, as well as the ongoing preparation, testing and monitoring of conformance to, the requirements of government regulations and/or regulatory agencies.Performs evaluation of internal operations, controls, communications, risk assessments and maintenance of documentation as related to regulatory compliance and recommends appropriate changes. Conducts and facilitates internal and external audits to identify, evaluate, disclose and appropriately remedy risks and deficiencies. Coordinates the preparation of and may prepare document packages for regulatory submissions from all areas of company as well as for internal and external audits and inspections. May serve as point of contact for interactions with regulatory agencies for defined matters. Drive the development and implement a comprehensive risk management and regulatory compliance strategy across the GBUs to optimize and continuously improve the information security of the GBU products and services. The role requires coordination between the GBUs'' Development, Cloud Services, Services, and Operations teams and Oracle''s centralized Corporate Security Group and Oracle Legal organizations. This team will ensure that the IT environment implements, demonstrates and continuously monitors the controls necessary to meet key security frameworks and regulatory specifications including ISO 2700x, PCI DSS,HIPAA and SSAE 16 as needed by the GBUs. Facilitate third party attestations, audits and certification efforts for the GBUs. Develop customer facing documentation that describe the security and compliance across the GBUs including Oracle Cloud for Industry. Assess the Cloud compliance and security landscape to keep OCI controls current with industry standards. Interface with corporate groups including Corporate, Privacy and Security legal and Internal audit to ensure compliance with policy. Lead project team members and formalize risks and key controls associated with significant Oracle Cloud for Industry and GBU processes. Manage the vendor security program for the GBUs. Coordinate audit testing, documentation, self-assessment testing and remediation activities. Make recommendations to correct deficiencies identified during the various audits. Perform the role of compliance consultant and subject matter expert for the Oracle GBUs to help them improve their control environment as necessary. Manage project functions including project scheduling, tracking, communications, and controlling to ensure project meets deadlines and remains on schedule.Acknowledged authority within the Corporation. Exercises creativity and independent judgment in developing methods, techniques, and evaluation criteria. Ability to travel. 10 plus years experience. Bachelor Degree or equivalent. CISA, CISM, CISSP, CIPP desired. 10+ years related experience. Formal training in project management. Fluency & extensive experience IT auditing and controls, preferable with SOX, SSAE 16 - SOC 1 & SOC 2, PCI compliance, NIST, DIACAP, FedRAMP, ISO 27001 & ISO 27002. Strong working knowledge of IT processes and IT infrastructure. Proven ability to combine business acumen, technical acumen and process expertise to define control specifications for SSAE 16 SOC 1 & SOC 2, PCI, ISO 27002. Demonstrated success in leading, controlling, & completing IT projects. Proven ability to influence & gain buy-in at multiple levels, across divisions, functions and cultures; comfort working with executive level management. Demonstrated ability to achieve results through cross-functional, virtual teams. Ability to prioritize, manage, and deliver on multiple projects simultaneously; highly motivated and able to work against aggressive schedules. Strong bias toward action, flexible, resourceful, and able to operate effectively within a dynamic, fast-pace environment. Superior communication skills (interpersonal, verbal, presentation written, email. Positive attitude, team player, self-starter; takes initiative, ability to work independently. Discretion in handling confidential information.If you are a Colorado resident, Please Contact us or Email us at [Click Here to Email Your Resumé] to receive compensation and benefits information for this role. Please include this Job ID: 163214 in the subject line of the email.ResponsibilitiesFederal Compliance SpecialistHigh Compliance Center of ExcellenceOracle''s Construction and Engineering (CEGBU) is the world''s leading project and portfolio management software organization. Since 1983, CEGBU has provided the software foundation enabling all types of businesses to achieve excellence in managing their portfolios, programs, projects, and resources. CEGBU products have managed projects totaling an estimated $6 trillion plus in value. Our development group builds enterprise-level solutions for our customers in project-intensive industries. Our applications provide project and portfolio management, contract management, resource management, and risk management solutions used by customers worldwide. We use an agile development approach that incorporates regular retrospectives and process improvement to ensure that we are always building software in the most efficient, effective way possible. We are investing in developing and maintaining high compliance versions of our solutions and a DevOps skilled approach to managing them. These solutions are/will be offered in restricted markets such as US Federal, DoD and other regions.At Oracle, we dont just value differenceswe celebrate them. Were committed to creating a workplace where all kinds of people work together. We believe innovation starts with diversity and inclusion. Federal Compliance Specialist will support strategic compliance directives the Center of Excellence oversees. These directives are across restricted markets and high compliance initiatives for the CEGBU. This experienced professional will support the High Compliance COE Director, coordinate with business area managers and technical staff to ensure information system security and operational compliance. This role will provide compliance oversight to the development organization and lead assessments and authorization initiatives. This individual will be responsible for developing and implementing processes that ensure system security posture and operations meet or exceed IL4 or FedRAMP Moderate+ requirements. This oversight includes providing advisory support to ensure adherence to controls, processes, procedures, audit obligations and authorization processes. This role will work closely with ISSOs, SPOCs and other security organizations within Oracle. This is also a client-facing role that will interact with agency sponsors, 3PAO, SCA-V, DISA, NETCOM , etc.Responsibilities:Oversee security authorization activities in compliance with National Institute of Standards and Technology Risk Management Framework and Standards (NIST RMF, 800-53).Provide support to senior leadership for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologiesPropose, coordinate, implement, and enforce information systems security policies, standards, and methodologiesProvide organizational support for implementing, and enforcing information systems security policies, standards, and methodologies.Prepare and oversee certification and accreditation procedures, cost benefit and economic reviews around IA policies, and analyze patterns of non-complianceSupport the development and implementation of system security policy and ensure complianceCoordinate vulnerability/risk assessment analysis to support certification and accreditation.Oversee preparation and maintenance of documentation that includes System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs).Use federal and organization-specific published documents to support the management of operations for our high compliance system(s)Other Essential Functions:Must have a command of authorization processes for both Federal Civilian and DoD agencies. Must be able to interface with individuals at all levels of the organization both verbally and in writing. Must be well-organized with the ability to coordinate and prioritize multiple tasks simultaneously. Must work well under pressure to meet deadline requirements. Must be willing to travel as needed. Must be a US citizen.ExperienceEducationBachelors degree in Computer Science or related discipline from an accredited college or university is required.Four (4) years of additional experience as an ISSM, SCA-R or SCA-V may be substituted for a bachelors degree.QualificationsFive (5) years experience on programs of similar scope, type, and complexity is required.Experience is to include at least three (3) successful attainment of the following authorizations: FedRAMP Moderate, FedRAMP Moderate +, IL2, IL4, IL5.CertificationsApplicable Certifications & Accreditations:DOD 8570Information Assurance Manager (IAM)Information Systems Audit and Control Association (ISACA)Certified Information Security Manager (CISM)Certified Information Systems Auditor (CISA)Global Information Assurance Certification (GIAC)Cyber Security Leadership Certification (GSLC)International Information Systems Security Certifications Consortium (ISC)Certified Information Systems Security Professional (CISSP)Certification Authorization Professional (CAP)Information Systems Security Management Professional (ISSMP)About UsDiversity and Inclusion:An Oracle career can span industries, roles, Countries and cultures, giving you the opportunity to flourish in new roles and innovate, while blending work life in. Oracle has thrived through 40+ years of change by innovating and operating with integrity while delivering for the top companies in almost every order to nurture the talent that makes this happen, we are committed to an inclusive culture that celebrates and values diverse insights and perspectives, a workforce that inspires thought leadership and innovation.Oracle offers a highly competitive suite of Employee Benefits designed on the principles of parity, consistency, and affordability. The overall package includes certain core elements such as Medical, Life Insurance, access to Retirement Planning, and much more. We also encourage our employees to engage in the culture of giving back to the communities where we live and do business.At Oracle, we believe that innovation starts with diversity and inclusion and to create the future we need talent from various backgrounds, perspectives, and abilities. We ensure that individuals with disabilities are provided reasonable accommodation to successfully participate in the job application, interview process, and in potential roles. to perform crucial job functions.Thats why were committed to creating a workforce where all individuals can do their best work. Its when everyones voice is heard and valued that were inspired to go beyond whats been done before.Disclaimer:Oracle is an Equal Employment Opportunity Employer * . All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.* Which includes being a United States Affirmative Action Employer

Created: 2025-11-15